From cvs at cvs.gnupg.org Tue Apr 4 10:47:36 2017 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Tue, 04 Apr 2017 10:47:36 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-78-g719468e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 719468e53133d3bdf12156c5bfdea2bf15f9f6f1 (commit) from 654024081cfa103c87bb163b117ea3568171d408 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 719468e53133d3bdf12156c5bfdea2bf15f9f6f1 Author: NIIBE Yutaka Date: Tue Apr 4 17:38:05 2017 +0900 mpi: Simplify mpi_powm. * mpi/mpi-pow.c (_gcry_mpi_powm): Simplify the loop. -- This fix is not a solution for the problem reported (yet). The problem is that the current algorithm of _gcry_mpi_powm depends on exponent and some information leaks is possible. Reported-by: Andreas Zankl Signed-off-by: NIIBE Yutaka diff --git a/mpi/mpi-pow.c b/mpi/mpi-pow.c index a780ebd..7b3dc31 100644 --- a/mpi/mpi-pow.c +++ b/mpi/mpi-pow.c @@ -609,12 +609,8 @@ _gcry_mpi_powm (gcry_mpi_t res, if (e == 0) { j += c; - i--; - if ( i < 0 ) - { - c = 0; - break; - } + if ( --i < 0 ) + break; e = ep[i]; c = BITS_PER_MPI_LIMB; 
@@ -629,38 +625,33 @@ _gcry_mpi_powm (gcry_mpi_t res, c -= c0; j += c0; + e0 = (e >> (BITS_PER_MPI_LIMB - W)); if (c >= W) - { - e0 = (e >> (BITS_PER_MPI_LIMB - W)); - e = (e << W); - c -= W; - } + c0 = 0; else { - i--; - if ( i < 0 ) + if ( --i < 0 ) { - e = (e >> (BITS_PER_MPI_LIMB - c)); - break; + e0 = (e >> (BITS_PER_MPI_LIMB - c)); + j += c - W; + goto last_step; + } + else + { + c0 = c; + e = ep[i]; + c = BITS_PER_MPI_LIMB; + e0 |= (e >> (BITS_PER_MPI_LIMB - (W - c0))); } - - c0 = c; - e0 = (e >> (BITS_PER_MPI_LIMB - W)) - | (ep[i] >> (BITS_PER_MPI_LIMB - W + c0)); - e = (ep[i] << (W - c0)); - c = BITS_PER_MPI_LIMB - W + c0; } + e = e << (W - c0); + c -= (W - c0); + + last_step: count_trailing_zeros (c0, e0); e0 = (e0 >> c0) >> 1; - for (j += W - c0; j; j--) - { - mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); - tp = rp; rp = xp; xp = tp; - rsize = xsize; - } - /* * base_u <= precomp[e0] * base_u_size <= precomp_size[e0] @@ -677,25 +668,23 @@ _gcry_mpi_powm (gcry_mpi_t res, u.d = precomp[k]; mpi_set_cond (&w, &u, k == e0); - base_u_size |= (precomp_size[k] & ((mpi_size_t)0 - (k == e0)) ); + base_u_size |= ( precomp_size[k] & ((mpi_size_t)0 - (k == e0)) ); } - mul_mod (xp, &xsize, rp, rsize, base_u, base_u_size, - mp, msize, &karactx); - tp = rp; rp = xp; xp = tp; - rsize = xsize; + for (j += W - c0; j >= 0; j--) + { + mul_mod (xp, &xsize, rp, rsize, + j == 0 ? base_u : rp, j == 0 ? base_u_size : rsize, + mp, msize, &karactx); + tp = rp; rp = xp; xp = tp; + rsize = xsize; + } j = c0; + if ( i < 0 ) + break; } - if (c != 0) - { - j += c; - count_trailing_zeros (c, e); - e = (e >> c); - j -= c; - } - while (j--) { mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); 
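Review bot: The `goto last_step` on the `--i < 0` path jumps over `e = e << (W - c0); c -= (W - c0);`, so `e` and `c` are stale at the label, and nothing at the label says they must not be read again; what keeps this sound is the `if ( i < 0 ) break;` added at the bottom of the loop body in the following hunk, a long way from the label. I would put `/* last_step: entered directly when the exponent ran out inside a window; E and C are stale here and the outer loop exits on I < 0 below. */` above `last_step:`. The exponent dependence the commit log mentions is visible in these same lines: the squaring count `j += W - c0` after `count_trailing_zeros (c0, e0)` and the per-iteration select `j == 0 ? base_u : rp` both follow the exponent's bit pattern, so the sequence of mul_mod calls is observable through timing or cache behaviour even though the precomp table lookup above it is masked with mpi_set_cond; a one-line comment on that loop saying the operation sequence is not exponent-independent would keep the limitation visible in the code rather than only in the log. _gcry_mpi_powm begins and ends outside these hunks.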
@@ -703,40 +692,6 @@ _gcry_mpi_powm (gcry_mpi_t res, rsize = xsize; } - if (e != 0) - { - /* - * base_u <= precomp[(e>>1)] - * base_u_size <= precomp_size[(e>>1)] - */ - base_u_size = 0; - for (k = 0; k < (1<< (W - 1)); k++) - { - struct gcry_mpi w, u; - w.alloced = w.nlimbs = precomp_size[k]; - u.alloced = u.nlimbs = precomp_size[k]; - w.sign = u.sign = 0; - w.flags = u.flags = 0; - w.d = base_u; - u.d = precomp[k]; - - mpi_set_cond (&w, &u, k == (e>>1)); - base_u_size |= (precomp_size[k] & ((mpi_size_t)0 - (k == (e>>1))) ); - } - - mul_mod (xp, &xsize, rp, rsize, base_u, base_u_size, - mp, msize, &karactx); - tp = rp; rp = xp; xp = tp; - rsize = xsize; - - for (; c; c--) - { - mul_mod (xp, &xsize, rp, rsize, rp, rsize, mp, msize, &karactx); - tp = rp; rp = xp; xp = tp; - rsize = xsize; - } - } - /* We shifted MOD, the modulo reduction argument, left MOD_SHIFT_CNT steps. Adjust the result by reducing it with the original MOD. ----------------------------------------------------------------------- Summary of changes: mpi/mpi-pow.c | 105 +++++++++++++++++----------------------------------------- 1 file changed, 30 insertions(+), 75 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits From peter at lekensteyn.nl Tue Apr 11 14:20:26 2017 
From: peter at lekensteyn.nl (Peter Wu) Date: Tue, 11 Apr 2017 14:20:26 +0200 Subject: Disable FIPS by application? Message-ID: <20170411122026.GC25751@al> Hi, Recently Wireshark has made Libgcrypt mandatory so we could drop the bundled code for MD5, SHA1, DES, etc. Since some (older) protocols use these algorithms, it must be supported. However with FIPS mode enforced, these algorithms are not enabled. Is there any workaround other than bundling the code again (sigh)? Like requesting Libgcrypt not to enable FIPS mode from the application? QEMU had a similar problem in the past with this mode: https://lists.gnu.org/archive/html/gnutls-devel/2008-09/msg00063.html Here is the output (from https://code.wireshark.org/review/20095): # echo 1 > /etc/gcrypt/fips_enabled $ ./run/capinfos -H /path/to/a.pcap error in libgcrypt, file fips.c, line 301, function _gcry_inactivate_fips_mode: MD5 used Ohhhh jeeee: ... this is a bug (md.c:809:md_read) fatal error in libgcrypt, file misc.c, line 140, function _gcry_logv: internal error (fatal or bug) Aborted (core dumped) -- Kind regards, Peter Wu https://lekensteyn.nl From peter at lekensteyn.nl Tue Apr 11 16:59:06 2017 
From: peter at lekensteyn.nl (Peter Wu) Date: Tue, 11 Apr 2017 16:59:06 +0200 Subject: Disable FIPS by application? In-Reply-To: <3858270.S30Y4vnIA1@tauon.chronox.de> References: <20170411122026.GC25751@al> <3858270.S30Y4vnIA1@tauon.chronox.de> Message-ID: <20170411145906.GD25751@al> On Tue, Apr 11, 2017 at 04:48:52PM +0200, Stephan Müller wrote: > Am Dienstag, 11. April 2017, 14:20:26 CEST schrieb Peter Wu: > > Hi Peter, > > > Hi, > > > > Recently Wireshark has made Libgcrypt mandatory so we could drop the > > bundled code for MD5, SHA1, DES, etc. Since some (older) protocols use > > these algorithms, it must be supported. > > > > However with FIPS mode enforced, these algorithms are not enabled. Is > > there any workaround other than bundling the code again (sigh)? Like > > requesting Libgcrypt not to enable FIPS mode from the application? > > It is the idea of the FIPS mode to not allow MD5 and friends. Yes, that's understood. The problem however is that the application is not intended to be subject to this policy. > However, for FIPS 140-2 level 1 validations (this is the highest that can be > achieved by libgcrypt), there is *no* need for a techncial enforcement. I.e. > it is perfectly viable to drop all code that disallows ciphers when in FIPS > mode. So is it possible to disable this enforcement in a Libgcrypt user? Kind regards, Peter > > > > QEMU had a similar problem in the past with this mode: > > https://lists.gnu.org/archive/html/gnutls-devel/2008-09/msg00063.html > > > > Here is the output (from https://code.wireshark.org/review/20095): > > > > # echo 1 > /etc/gcrypt/fips_enabled > > $ ./run/capinfos -H /path/to/a.pcap > > error in libgcrypt, file fips.c, line 301, function > > _gcry_inactivate_fips_mode: MD5 used Ohhhh jeeee: ... 
this is a bug > > (md.c:809:md_read) > > fatal error in libgcrypt, file misc.c, line 140, function _gcry_logv: > > internal error (fatal or bug) Aborted (core dumped) > > > > Ciao > Stephan From peter at lekensteyn.nl Tue Apr 11 17:27:39 2017 
From: peter at lekensteyn.nl (Peter Wu) Date: Tue, 11 Apr 2017 17:27:39 +0200 Subject: Disable FIPS by application? In-Reply-To: <2140601.g6qdz4pssh@tauon.chronox.de> References: <20170411122026.GC25751@al> <3858270.S30Y4vnIA1@tauon.chronox.de> <20170411145906.GD25751@al> <2140601.g6qdz4pssh@tauon.chronox.de> Message-ID: <20170411152739.GE25751@al> On Tue, Apr 11, 2017 at 05:14:29PM +0200, Stephan Müller wrote: > Am Dienstag, 11. April 2017, 16:59:06 CEST schrieb Peter Wu: > > Hi Peter, > > > On Tue, Apr 11, 2017 at 04:48:52PM +0200, Stephan Müller wrote: > > > Am Dienstag, 11. April 2017, 14:20:26 CEST schrieb Peter Wu: > > > > > > Hi Peter, > > > > > > > Hi, > > > > > > > > Recently Wireshark has made Libgcrypt mandatory so we could drop the > > > > bundled code for MD5, SHA1, DES, etc. Since some (older) protocols use > > > > these algorithms, it must be supported. > > > > > > > > However with FIPS mode enforced, these algorithms are not enabled. Is > > > > there any workaround other than bundling the code again (sigh)? Like > > > > requesting Libgcrypt not to enable FIPS mode from the application? > > > > > > It is the idea of the FIPS mode to not allow MD5 and friends. > > > > Yes, that's understood. The problem however is that the application is > > not intended to be subject to this policy. > > That is the common crux of the matter :-) > > > > > However, for FIPS 140-2 level 1 validations (this is the highest that can > > > be achieved by libgcrypt), there is *no* need for a techncial > > > enforcement. I.e. it is perfectly viable to drop all code that disallows > > > ciphers when in FIPS mode. > > > > So is it possible to disable this enforcement in a Libgcrypt user? > > It is permissible to disable the enforcement of the cipher restrictions. Other > FIPS related enforcements cannot be removed. Hmm, that is unfortunate. 
So in order to (for example) support MD5 (for verifying checksums or deriving keys for decryption and dissection), we would have to use another crypto library *or* require the administrator to keep FIPS enforcement disabled (by not creating /etc/gcrypt/fips_enabled)? -- Kind regards, Peter Wu https://lekensteyn.nl PS. For some reason your messages are not appearing in the archives at https://lists.gnupg.org/pipermail/gcrypt-devel/2017-April/ From smueller at chronox.de Tue Apr 11 17:43:35 2017 From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Tue, 11 Apr 2017 17:43:35 +0200 Subject: Disable FIPS by application? In-Reply-To: <20170411152739.GE25751@al> References: <20170411122026.GC25751@al> <2140601.g6qdz4pssh@tauon.chronox.de> <20170411152739.GE25751@al> Message-ID: <6878407.JSNOifgANK@tauon.chronox.de> Am Dienstag, 11. April 2017, 17:27:39 CEST schrieb Peter Wu: Hi Peter, > > > So is it possible to disable this enforcement in a Libgcrypt user? > > > > It is permissible to disable the enforcement of the cipher restrictions. > > Other FIPS related enforcements cannot be removed. > > Hmm, that is unfortunate. So in order to (for example) support MD5 (for > verifying checksums or deriving keys for decryption and dissection), we > would have to use another crypto library *or* > require the administrator to keep FIPS enforcement disabled (by not > creating /etc/gcrypt/fips_enabled)? Maybe I was not clear: you can remove the code that disables the non-approved ciphers like MD5. I.e. you can technically use MD5 even though libgcrypt is in FIPS mode. Other FIPS changes (like the use of the SP800-90A DRBG or self tests) must not be touched. Ciao Stephan From peter at lekensteyn.nl Tue Apr 11 17:59:58 2017 
From: peter at lekensteyn.nl (Peter Wu) Date: Tue, 11 Apr 2017 17:59:58 +0200 Subject: Disable FIPS by application? In-Reply-To: <6878407.JSNOifgANK@tauon.chronox.de> References: <20170411122026.GC25751@al> <2140601.g6qdz4pssh@tauon.chronox.de> <20170411152739.GE25751@al> <6878407.JSNOifgANK@tauon.chronox.de> Message-ID: <20170411155958.GF25751@al> On Tue, Apr 11, 2017 at 05:43:35PM +0200, Stephan Müller wrote: > Am Dienstag, 11. April 2017, 17:27:39 CEST schrieb Peter Wu: > > Hi Peter, > > > > > So is it possible to disable this enforcement in a Libgcrypt user? > > > > > > It is permissible to disable the enforcement of the cipher restrictions. > > > Other FIPS related enforcements cannot be removed. > > > > Hmm, that is unfortunate. So in order to (for example) support MD5 (for > > verifying checksums or deriving keys for decryption and dissection), we > > would have to use another crypto library *or* > > require the administrator to keep FIPS enforcement disabled (by not > > creating /etc/gcrypt/fips_enabled)? > > Maybe I was not clear: you can remove the code that disables the non-approved > ciphers like MD5. Which code? Libgcrypt? We are not bundling Libgcrypt but use whatever is installed on the system. > you can technically use MD5 even though libgcrypt is in FIPS mode. It seems possible to do this based on a look in src/fips.c, except when FIPS enforcement is in effect (/etc/gcrypt/fips_enabled = 1). > Other FIPS changes (like the use of the SP800-90A DRBG or self tests) must not > be touched. > > Ciao > Stephan -- Kind regards, Peter Wu https://lekensteyn.nl From smueller at chronox.de Tue Apr 11 18:01:46 2017 
From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Tue, 11 Apr 2017 18:01:46 +0200 Subject: Disable FIPS by application? In-Reply-To: <20170411155958.GF25751@al> References: <20170411122026.GC25751@al> <6878407.JSNOifgANK@tauon.chronox.de> <20170411155958.GF25751@al> Message-ID: <1768768.a5AMtH48UN@tauon.chronox.de> Am Dienstag, 11. April 2017, 17:59:58 CEST schrieb Peter Wu: Hi Peter, > On Tue, Apr 11, 2017 at 05:43:35PM +0200, Stephan Müller wrote: > > Am Dienstag, 11. April 2017, 17:27:39 CEST schrieb Peter Wu: > > > > Hi Peter, > > > > > > > So is it possible to disable this enforcement in a Libgcrypt user? > > > > > > > > It is permissible to disable the enforcement of the cipher > > > > restrictions. > > > > Other FIPS related enforcements cannot be removed. > > > > > > Hmm, that is unfortunate. So in order to (for example) support MD5 (for > > > verifying checksums or deriving keys for decryption and dissection), we > > > would have to use another crypto library *or* > > > require the administrator to keep FIPS enforcement disabled (by not > > > creating /etc/gcrypt/fips_enabled)? > > > > Maybe I was not clear: you can remove the code that disables the > > non-approved ciphers like MD5. > > Which code? Libgcrypt? We are not bundling Libgcrypt but use whatever is > installed on the system. Exactly that is the problem. The current libgcrypt code disables ciphers like MD5. This is not really needed and could be reverted in the libgcrypt code. This though would not help you in the short run. Ciao Stephan From smueller at chronox.de Tue Apr 11 16:48:52 2017 
From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Tue, 11 Apr 2017 16:48:52 +0200 Subject: Disable FIPS by application? In-Reply-To: <20170411122026.GC25751@al> References: <20170411122026.GC25751@al> Message-ID: <3858270.S30Y4vnIA1@tauon.chronox.de> Am Dienstag, 11. April 2017, 14:20:26 CEST schrieb Peter Wu: Hi Peter, > Hi, > > Recently Wireshark has made Libgcrypt mandatory so we could drop the > bundled code for MD5, SHA1, DES, etc. Since some (older) protocols use > these algorithms, it must be supported. > > However with FIPS mode enforced, these algorithms are not enabled. Is > there any workaround other than bundling the code again (sigh)? Like > requesting Libgcrypt not to enable FIPS mode from the application? It is the idea of the FIPS mode to not allow MD5 and friends. However, for FIPS 140-2 level 1 validations (this is the highest that can be achieved by libgcrypt), there is *no* need for a technical enforcement. I.e. it is perfectly viable to drop all code that disallows ciphers when in FIPS mode. > > QEMU had a similar problem in the past with this mode: > https://lists.gnu.org/archive/html/gnutls-devel/2008-09/msg00063.html > > Here is the output (from https://code.wireshark.org/review/20095): > > # echo 1 > /etc/gcrypt/fips_enabled > $ ./run/capinfos -H /path/to/a.pcap > error in libgcrypt, file fips.c, line 301, function > _gcry_inactivate_fips_mode: MD5 used Ohhhh jeeee: ... this is a bug > (md.c:809:md_read) > fatal error in libgcrypt, file misc.c, line 140, function _gcry_logv: > internal error (fatal or bug) Aborted (core dumped) Ciao Stephan From smueller at chronox.de Tue Apr 11 17:14:29 2017 
From: smueller at chronox.de (Stephan =?ISO-8859-1?Q?M=FCller?=) Date: Tue, 11 Apr 2017 17:14:29 +0200 Subject: Disable FIPS by application? In-Reply-To: <20170411145906.GD25751@al> References: <20170411122026.GC25751@al> <3858270.S30Y4vnIA1@tauon.chronox.de> <20170411145906.GD25751@al> Message-ID: <2140601.g6qdz4pssh@tauon.chronox.de> Am Dienstag, 11. April 2017, 16:59:06 CEST schrieb Peter Wu: Hi Peter, > On Tue, Apr 11, 2017 at 04:48:52PM +0200, Stephan Müller wrote: > > Am Dienstag, 11. April 2017, 14:20:26 CEST schrieb Peter Wu: > > > > Hi Peter, > > > > > Hi, > > > > > > Recently Wireshark has made Libgcrypt mandatory so we could drop the > > > bundled code for MD5, SHA1, DES, etc. Since some (older) protocols use > > > these algorithms, it must be supported. > > > > > > However with FIPS mode enforced, these algorithms are not enabled. Is > > > there any workaround other than bundling the code again (sigh)? Like > > > requesting Libgcrypt not to enable FIPS mode from the application? > > > > It is the idea of the FIPS mode to not allow MD5 and friends. > > Yes, that's understood. The problem however is that the application is > not intended to be subject to this policy. That is the common crux of the matter :-) > > > However, for FIPS 140-2 level 1 validations (this is the highest that can > > be achieved by libgcrypt), there is *no* need for a techncial > > enforcement. I.e. it is perfectly viable to drop all code that disallows > > ciphers when in FIPS mode. > > So is it possible to disable this enforcement in a Libgcrypt user? It is permissible to disable the enforcement of the cipher restrictions. Other FIPS related enforcements cannot be removed. Ciao Stephan From cvs at cvs.gnupg.org Fri Apr 28 02:37:37 2017 
From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 28 Apr 2017 02:37:37 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-79-g9b651fb Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 9b651fb632f3697e70685c9ee340ab0cb2274bdf (commit) from 719468e53133d3bdf12156c5bfdea2bf15f9f6f1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9b651fb632f3697e70685c9ee340ab0cb2274bdf Author: NIIBE Yutaka Date: Fri Apr 28 09:27:00 2017 +0900 Spelling fixes in docs and comments. -- GnuPG-bug-id: 3120 Reported-by: ka7 (klemens) Signed-off-by: NIIBE Yutaka diff --git a/TODO b/TODO index ffadc06..7aa4de1 100644 --- a/TODO +++ b/TODO @@ -18,7 +18,7 @@ * Add attributes to the MPI functions. -* cipher/pubkey.c and pubkey implementaions. +* cipher/pubkey.c and pubkey implementations. Don't rely on the secure memory based wiping function but add an extra wiping. diff --git a/acinclude.m4 b/acinclude.m4 index dcdadfd..fc208c5 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -29,7 +29,7 @@ define([GCRY_MSG_SHOW], dnl GCRY_MSG_WRAP(PREFIX, ALGOLIST) dnl Print a nicely formatted list of algorithms -dnl with an approriate line wrap. +dnl with an appropriate line wrap. dnl define([GCRY_MSG_WRAP], [ @@ -275,7 +275,7 @@ AC_CHECK_TOOL(AS, as, false) ]) dnl LIST_MEMBER() -dnl Check wether an element ist contained in a list. Set `found' to +dnl Check whether an element ist contained in a list. Set `found' to dnl `1' if the element is found in the list, to `0' otherwise. AC_DEFUN([LIST_MEMBER], [ diff --git a/build-aux/texinfo.tex b/build-aux/texinfo.tex index a181898..5a17f97 100644 
--- a/build-aux/texinfo.tex +++ b/build-aux/texinfo.tex @@ -415,7 +415,7 @@ \def\argremovecomment#1\comment#2\ArgTerm{\argremovec #1\c\ArgTerm} \def\argremovec#1\c#2\ArgTerm{\argcheckspaces#1\^^M\ArgTerm} -% Each occurence of `\^^M' or `\^^M' is replaced by a single space. +% Each occurrence of `\^^M' or `\^^M' is replaced by a single space. % % \argremovec might leave us with trailing space, e.g., % @end itemize @c foo @@ -440,7 +440,7 @@ % to get _exactly_ the rest of the line, we had to prevent such situation. % We prepended an \empty token at the very beginning and we expand it now, % just before passing the control to \argtorun. -% (Similarily, we have to think about #3 of \argcheckspacesY above: it is +% (Similarly, we have to think about #3 of \argcheckspacesY above: it is % either the null string, or it ends with \^^M---thus there is no danger % that a pair of braces would be stripped. % @@ -497,7 +497,7 @@ % used to check whether the current environment is the one expected. % % Non-false conditionals (@iftex, @ifset) don't fit into this, so they -% are not treated as enviroments; they don't open a group. (The +% are not treated as environments; they don't open a group. (The % implementation of @end takes care not to call \endgroup in this % special case.) @@ -520,7 +520,7 @@ \fi } -% Evironment mismatch, #1 expected: +% Environment mismatch, #1 expected: \def\badenverr{% \errhelp = \EMsimple \errmessage{This command can appear only \inenvironment\temp, @@ -7034,7 +7034,7 @@ end % In case a @footnote appears in a vbox, save the footnote text and create % the real \insert just after the vbox finished. Otherwise, the insertion % would be lost. -% Similarily, if a @footnote appears inside an alignment, save the footnote +% Similarly, if a @footnote appears inside an alignment, save the footnote % text to a box and make the \insert when a row of the table is finished. % And the same can be done for other insert classes. --kasal, 16nov03. 
diff --git a/cipher/cipher-internal.h b/cipher/cipher-internal.h index ea9c33d..b748125 100644 --- a/cipher/cipher-internal.h +++ b/cipher/cipher-internal.h @@ -124,7 +124,7 @@ struct gcry_cipher_handle /* A structure with function pointers for bulk operations. Due to limitations of the module system (we don't want to change the API) we need to keep these function pointers here. The cipher - open function intializes them and the actual encryption routines + open function initializes them and the actual encryption routines use them if they are not NULL. */ struct { void (*cfb_enc)(void *context, unsigned char *iv, diff --git a/cipher/cipher.c b/cipher/cipher.c index 124700e..9812738 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -1006,7 +1006,7 @@ _gcry_cipher_encrypt (gcry_cipher_hd_t h, void *out, size_t outsize, /**************** * Decrypt INBUF to OUTBUF with the mode selected at open. * inbuf and outbuf may overlap or be the same. - * Depending on the mode some some contraints apply to INBUFLEN. + * Depending on the mode some some constraints apply to INBUFLEN. */ static gcry_err_code_t cipher_decrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c index 8f7b8c4..41debe4 100644 --- a/cipher/ecc-misc.c +++ b/cipher/ecc-misc.c @@ -333,7 +333,7 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result) * 0x40 for x-only coordinate. * * For data with older implementation (non-released development - * version), it is possibe to have the 0x40 as a part of data. + * version), it is possible to have the 0x40 as a part of data. * Besides, when data was parsed as MPI, we might have 0x00 * prefix. * diff --git a/cipher/primegen.c b/cipher/primegen.c index cccda84..c7977d1 100644 --- a/cipher/primegen.c +++ b/cipher/primegen.c 
@@ -1301,7 +1301,7 @@ find_x931_prime (const gcry_mpi_t pfirst) mpi_set_bit (prime, 0); /* We use 64 Rabin-Miller rounds which is better and thus - sufficient. We do not have a Lucas test implementaion thus we + sufficient. We do not have a Lucas test implementation thus we can't do it in the X9.31 preferred way of running a few Rabin-Miller followed by one Lucas test. */ while ( !check_prime (prime, val_2, 64, NULL, NULL) ) diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c index 7b56237..29b7bc8 100644 --- a/cipher/rsa-common.c +++ b/cipher/rsa-common.c @@ -233,7 +233,7 @@ _gcry_rsa_pkcs1_decode_for_enc (unsigned char **r_result, size_t *r_resultlen, } -/* Encode {VALUE,VALUELEN} for an NBITS keys and hash algorith ALGO +/* Encode {VALUE,VALUELEN} for an NBITS keys and hash algorithm ALGO using the pkcs#1 block type 1 padding. On success the result is stored as a new MPI at R_RESULT. On error the value at R_RESULT is undefined. diff --git a/cipher/rsa.c b/cipher/rsa.c index b6c7374..895ee04 100644 --- a/cipher/rsa.c +++ b/cipher/rsa.c @@ -710,7 +710,7 @@ generate_x931 (RSA_secret_key *sk, unsigned int nbits, unsigned long e_value, if (e_value < 3) return GPG_ERR_INV_VALUE; - /* Our implementaion requires E to be odd. */ + /* Our implementation requires E to be odd. */ if (!(e_value & 1)) return GPG_ERR_INV_VALUE; diff --git a/compat/clock.c b/compat/clock.c index 7f250f3..2a2c205 100644 --- a/compat/clock.c +++ b/compat/clock.c @@ -23,7 +23,7 @@ clock_t _gcry_clock (void) { assert (CLOCKS_PER_SEC == 1000); -#warning Replace by a correct implementaion. +#warning Replace by a correct implementation. /* It seems that GetProcessTimes is available in the kernel but without a declaration. If that fails we would need to walk over all threads and tally up the GetThreadTimes. */ diff --git a/configure.ac b/configure.ac index 2609b41..7ea0b6a 100644 --- a/configure.ac +++ b/configure.ac 
@@ -339,7 +339,7 @@ AC_ARG_ENABLE(endian-check, if test x"$endiancheck" = xyes ; then AC_C_BIGENDIAN else - AC_DEFINE(DISABLED_ENDIAN_CHECK,1,[configure did not test for endianess]) + AC_DEFINE(DISABLED_ENDIAN_CHECK,1,[configure did not test for endianness]) fi AC_CHECK_SIZEOF(unsigned short, 2) @@ -1736,7 +1736,7 @@ AC_REPLACE_FUNCS([getpid clock]) # -# Check wether it is necessary to link against libdl. +# Check whether it is necessary to link against libdl. # DL_LIBS="" if test "$use_hmac_binary_check" = yes ; then diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 4cdf75d..464c673 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -95,7 +95,7 @@ section entitled ``GNU General Public License''. * Prime numbers:: How to use the Prime number related functions. * Utilities:: Utility functions. * Tools:: Utility tools. -* Configuration:: Configuration files and evironment variables. +* Configuration:: Configuration files and environment variables. * Architecture:: How Libgcrypt works internally. Appendices @@ -5391,7 +5391,7 @@ Print version of the program and exit. @c **************** Environment Variables ***************** @c ********************************************************** @node Configuration - at chapter Configuration files and evironment variables + at chapter Configuration files and environment variables This chapter describes which files and environment variables can be used to change the behaviour of Libgcrypt. @@ -5869,7 +5869,7 @@ to mix in enough data from the gather modules before returning the actual random output. Process fork detection and protection is implemented. - at c FIXME: The design and implementaion needs a more verbose description. + at c FIXME: The design and implementation needs a more verbose description. The implementation of the nonce generator (for @code{gcry_create_nonce}) is a straightforward repeated hash design: A diff --git a/mpi/alpha/README b/mpi/alpha/README index 55c0a29..00addfd 100644 --- a/mpi/alpha/README 
+++ b/mpi/alpha/README @@ -5,7 +5,7 @@ RELEVANT OPTIMIZATION ISSUES EV4 1. This chip has very limited store bandwidth. The on-chip L1 cache is -write-through, and a cache line is transfered from the store buffer to the +write-through, and a cache line is transferred from the store buffer to the off-chip L2 in as much 15 cycles on most systems. This delay hurts mpn_add_n, mpn_sub_n, mpn_lshift, and mpn_rshift. @@ -20,7 +20,7 @@ EV5 1. The memory bandwidth of this chip seems excellent, both for loads and stores. Even when the working set is larger than the on-chip L1 and L2 -caches, the perfromance remain almost unaffected. +caches, the performance remain almost unaffected. 2. mulq has a measured latency of 13 cycles and an issue rate of 1 each 8th cycle. umulh has a measured latency of 15 cycles and an issue rate of 1 diff --git a/mpi/ec.c b/mpi/ec.c index 26dd947..016af00 100644 --- a/mpi/ec.c +++ b/mpi/ec.c @@ -35,7 +35,7 @@ #define point_free(a) _gcry_mpi_point_free_parts ((a)) -/* Print a point using the log fucntions. If CTX is not NULL affine +/* Print a point using the log functions. If CTX is not NULL affine coordinates will be printed. */ void _gcry_mpi_point_log (const char *name, mpi_point_t point, mpi_ec_t ctx) diff --git a/mpi/mips3/README b/mpi/mips3/README index e94b2c7..4ba4546 100644 --- a/mpi/mips3/README +++ b/mpi/mips3/README @@ -9,7 +9,7 @@ RELEVANT OPTIMIZATION ISSUES On the R4600, branches takes a single cycle - On the R8000, branches often take no noticable cycles, as they are + On the R8000, branches often take no noticeable cycles, as they are executed in a separate function unit.. 2. The R4000 and R4400 have a load latency of 4 cycles. diff --git a/random/random-drbg.c b/random/random-drbg.c index baaa65a..7f66997 100644 --- a/random/random-drbg.c +++ b/random/random-drbg.c 
@@ -2433,7 +2433,7 @@ drbg_healthcheck_sanity (struct gcry_drbg_test_vector *test) goto outbuf; max_addtllen = drbg_max_addtl (); max_request_bytes = drbg_max_request_bytes (); - /* overflow addtllen with additonal info string */ + /* overflow addtllen with additional info string */ drbg_string_fill (&addtl, test->addtla, (max_addtllen + 1)); len = drbg_generate (drbg, buf, test->expectedlen, &addtl); if (len) diff --git a/random/rndhw.c b/random/rndhw.c index e3a7861..2829382 100644 --- a/random/rndhw.c +++ b/random/rndhw.c @@ -61,7 +61,7 @@ poll_padlock (void (*add)(const void*, size_t, enum random_origins), /* Peter Gutmann's cryptlib tests again whether the RNG is enabled but we don't do so. We would have to do this also for our AES - implementaion and that is definitely too time consuming. There + implementation and that is definitely too time consuming. There would be a race condition anyway. Thus we assume that the OS does not change the Padlock initialization while a user process is running. */ diff --git a/random/rndunix.c b/random/rndunix.c index e7238f4..fcb45b7 100644 --- a/random/rndunix.c +++ b/random/rndunix.c @@ -319,7 +319,7 @@ static struct RI { { "/usr/bin/lpstat", "-t", SC(0.1), NULL, 0, 0, 0, 1 }, { "/usr/ucb/lpstat", "-t", SC(0.1), NULL, 0, 0, 0, 0 }, { "/usr/bin/tcpdump", "-c 5 -efvvx", SC(1), NULL, 0, 0, 0, 0 }, - /* This is very environment-dependant. If network traffic is low, it'll + /* This is very environment-dependent. If network traffic is low, it'll * probably time out before delivering 5 packets, which is OK because * it'll probably be fixed stuff like ARP anyway */ { "/usr/sbin/advfsstat", "-b usr_domain", diff --git a/random/rndw32.c b/random/rndw32.c index 8c507ac..1dec5a7 100644 --- a/random/rndw32.c +++ b/random/rndw32.c 
@@ -184,7 +184,7 @@ typedef struct double ssHigh; /* Highest readout */ long ssCount; /* Total number of readout */ char sspadding2[4]; /* Padding of 4 bytes */ - long double ssTotal; /* Total amout of all readouts */ + long double ssTotal; /* Total amount of all readouts */ char sspadding3[6]; /* Padding of 6 bytes */ double ssAlarm1; /* Temp & fan: high alarm; voltage: % off */ double ssAlarm2; /* Temp: low alarm */ @@ -221,7 +221,7 @@ typedef struct -/* One time intialized handles and function pointers. We use dynamic +/* One time initialized handles and function pointers. We use dynamic loading of the DLLs to do without them in case libgcrypt does not need any random. */ static HANDLE hNetAPI32; @@ -246,7 +246,7 @@ static int system_rng_available; /* Whether a system RNG is available. */ static HCRYPTPROV hRNGProv; /* Handle to Intel RNG CSP. */ /* The debug flag. Debugging is enabled if the value of the envvar - * GCRY_RNDW32_DBG is a postive number.*/ + * GCRY_RNDW32_DBG is a positive number.*/ static int debug_me; static int system_is_w2000; /* True if running on W2000. */ diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 5727abb..8e49967 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -391,7 +391,7 @@ gcry_error_t gcry_sexp_build_array (gcry_sexp_t *retsexp, size_t *erroff, /* Release the S-expression object SEXP */ void gcry_sexp_release (gcry_sexp_t sexp); -/* Calculate the length of an canonized S-expresion in BUFFER and +/* Calculate the length of an canonized S-expression in BUFFER and check for a valid encoding. */ size_t gcry_sexp_canon_len (const unsigned char *buffer, size_t length, size_t *erroff, gcry_error_t *errcode); @@ -1669,7 +1669,7 @@ gcry_error_t gcry_prime_group_generator (gcry_mpi_t *r_g, void gcry_prime_release_factors (gcry_mpi_t *factors); -/* Check wether the number X is prime. */ +/* Check whether the number X is prime. */ gcry_error_t gcry_prime_check (gcry_mpi_t x, unsigned int flags); 
diff --git a/src/global.c b/src/global.c index 25815dd..0796a94 100644 --- a/src/global.c +++ b/src/global.c @@ -581,7 +581,7 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd, va_list arg_ptr) _gcry_set_preferred_rng_type (0); if (!any_init_done) { - /* Not yet intialized at all. Set a flag so that we are put + /* Not yet initialized at all. Set a flag so that we are put into fips mode during initialization. */ force_fips_mode = 1; } diff --git a/src/secmem.c b/src/secmem.c index 55424f2..8eb6630 100644 --- a/src/secmem.c +++ b/src/secmem.c @@ -91,7 +91,7 @@ typedef struct pooldesc_s static pooldesc_t mainpool; -/* A couple of flags whith some beeing set early. */ +/* A couple of flags whith some being set early. */ static int disable_secmem; static int show_warning; static int not_locked; diff --git a/tests/basic.c b/tests/basic.c index 342bf73..89b7917 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -5549,7 +5549,7 @@ check_stream_cipher_large_block (void) -/* Check that our bulk encryption fucntions work properly. */ +/* Check that our bulk encryption functions work properly. */ static void check_bulk_cipher_modes (void) { diff --git a/tests/bench-slope.c b/tests/bench-slope.c index 6d93ad2..75e6e43 100644 --- a/tests/bench-slope.c +++ b/tests/bench-slope.c @@ -1345,7 +1345,7 @@ cipher_bench_one (int algo, struct bench_cipher_mode *pmode) if (mode.mode == GCRY_CIPHER_MODE_XTS && blklen != GCRY_XTS_BLOCK_LEN) return; - /* Our OCB implementaion has restrictions for block-size. */ + /* Our OCB implementation has restrictions for block-size. */ if (mode.mode == GCRY_CIPHER_MODE_OCB && blklen != GCRY_OCB_BLOCK_LEN) return; diff --git a/tests/cavs_driver.pl b/tests/cavs_driver.pl index b95e9b1..bc93feb 100755 --- a/tests/cavs_driver.pl +++ b/tests/cavs_driver.pl 
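Review bot: The corrected comment in the src/secmem.c hunk still carries a second spelling error on the same new line, `whith` for `with`, so the typo pass is incomplete there; the line should read `/* A couple of flags with some being set early. */`. The other hunks on this line (src/global.c, tests/basic.c, tests/bench-slope.c) touch comment text only and read correctly after the change.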
@@ -1381,7 +1381,7 @@ sub rsa_siggen($$$) { # RSA SigVer test # $1: Message to be verified in hex form -# $2: Hash algoritm +# $2: Hash algorithm # $3: Signature of message in hex form # $4: n of the RSA key in hex in hex form # $5: e of the RSA key in hex in hex form diff --git a/tests/hashtest.c b/tests/hashtest.c index d79d104..2ecbc1f 100644 --- a/tests/hashtest.c +++ b/tests/hashtest.c @@ -1,4 +1,4 @@ -/* hashtest.c - Check the hash fucntions +/* hashtest.c - Check the hash functions * Copyright (C) 2013 g10 Code GmbH * * This file is part of Libgcrypt. diff --git a/tests/t-lock.c b/tests/t-lock.c index 679a5f1..7e5732e 100644 --- a/tests/t-lock.c +++ b/tests/t-lock.c @@ -213,7 +213,7 @@ check_nonce_lock (void) } -/* Initialze all accounts. */ +/* Initialize all accounts. */ static void init_accounts (void) { ----------------------------------------------------------------------- Summary of changes: TODO | 2 +- acinclude.m4 | 4 ++-- build-aux/texinfo.tex | 10 +++++----- cipher/cipher-internal.h | 2 +- cipher/cipher.c | 2 +- cipher/ecc-misc.c | 2 +- cipher/primegen.c | 2 +- cipher/rsa-common.c | 2 +- cipher/rsa.c | 2 +- compat/clock.c | 2 +- configure.ac | 4 ++-- doc/gcrypt.texi | 6 +++--- mpi/alpha/README | 4 ++-- mpi/ec.c | 2 +- mpi/mips3/README | 2 +- random/random-drbg.c | 2 +- random/rndhw.c | 2 +- random/rndunix.c | 2 +- random/rndw32.c | 6 +++--- src/gcrypt.h.in | 4 ++-- src/global.c | 2 +- src/secmem.c | 2 +- tests/basic.c | 2 +- tests/bench-slope.c | 2 +- tests/cavs_driver.pl | 2 +- tests/hashtest.c | 2 +- tests/t-lock.c | 2 +- 27 files changed, 39 insertions(+), 39 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org _______________________________________________ Gnupg-commits mailing list Gnupg-commits at gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-commits